www.paypal.com Open in urlscan Pro
151.101.65.21 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.paypal.com/us/webapps/mpp/security/suspicious-activity?v=1&utm_source=unp&utm_medium=email&utm_campaign=RT0...
Effective URL:
https://www.paypal.com/us/security/learn-about-fake-messages?utm_source=unp&utm_medium=email&utm_campaign=RT000298
Submission: On August 18 via api (August 18th 2022, 4:59:29 am UTC) from BE — Scanned from DE

Summary HTTP 46 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 46 HTTP transactions. The main IP is 151.101.65.21, located in United States and belongs to FASTLY, US. The main domain is www.paypal.com. The Cisco Umbrella rank of the primary domain is 2338.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on April 12th 2022. Valid for: a year.

This is the only time www.paypal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 6	151.101.65.21 151.101.65.21	54113 (FASTLY) (FASTLY)
30	151.101.130.133 151.101.130.133	54113 (FASTLY) (FASTLY)
1	104.17.209.240 104.17.209.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	151.101.65.35 151.101.65.35	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
46	6

6 151.101.65.21 (United States) 1 redirects

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 151.101.130.133 (United States)

ASN54113 (FASTLY, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.209.240 (None, )

ASN13335 (CLOUDFLARENET, US)

zn1ynnliufrct75cb-paypalxm.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.65.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2094	807 KB
9	paypal.com 1 redirects www.paypal.com — Cisco Umbrella Rank: 2338 t.paypal.com — Cisco Umbrella Rank: 3136	45 KB
4	recaptcha.net www.recaptcha.net — Cisco Umbrella Rank: 1926	43 KB
3	gstatic.com www.gstatic.com	329 KB
1	qualtrics.com zn1ynnliufrct75cb-paypalxm.siteintercept.qualtrics.com — Cisco Umbrella Rank: 13691	9 KB
46	5

	Domain	Requested by
30	www.paypalobjects.com	www.paypal.com www.paypalobjects.com
6	www.paypal.com	1 redirects www.paypal.com www.paypalobjects.com
4	www.recaptcha.net	www.paypal.com www.gstatic.com www.recaptcha.net
3	www.gstatic.com	www.recaptcha.net
3	t.paypal.com	www.paypal.com
1	zn1ynnliufrct75cb-paypalxm.siteintercept.qualtrics.com	www.paypalobjects.com
46	6

This site contains links to these domains. Also see Links.

Domain
developer.paypal.com
www.consumer.ftc.gov
about.pypl.com
newsroom.paypal-corp.com
investor.paypal-corp.com
publicpolicy.paypal-corp.com

Subject Issuer	Validity	Valid
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-04-12` - `2023-04-12`	a year	crt.sh
*.qualtrics.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-04` - `2023-05-04`	a year	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-03-04` - `2022-11-23`	9 months	crt.sh
misc.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.paypal.com/us/security/learn-about-fake-messages?utm_source=unp&utm_medium=email&utm_campaign=RT000298
Frame ID: FB683B438F1E31B4C7E33631F724F72D
Requests: 38 HTTP requests in this frame

Frame: https://www.paypal.com/auth/recaptcha/grcenterprise_v3.html
Frame ID: FFCC80C7B6ED05E553C75F2E06C031B0
Requests: 3 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsLmNvbTo0NDM.&hl=en&v=mq0-U1BHZ5YTcoDC-CvsLPNc&size=invisible&cb=22q2to9vn87s
Frame ID: 632181FB0EA63D45EEE03268718DFC03
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

How to Detect Phishing Scams | PayPal US

Page URL History Show full URLs

https://www.paypal.com/us/webapps/mpp/security/suspicious-activity?v=1&utm_source=unp&utm_medium=em... HTTP 301
https://www.paypal.com/us/security/learn-about-fake-messages?utm_source=unp&utm_medium=email&utm_ca... Page URL

Detected technologies

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

react(?:-with-addons)?[.-]([\d.]*\d)[^/]*\.js

Page Statistics

46
Requests

100 %
HTTPS

33 %
IPv6

5
Domains

6
Subdomains

6
IPs

3
Countries

1231 kB
Transfer

4090 kB
Size

10
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://developer.paypal.com/home
Title: Developer

Search URL Search Domain Scan URL

URL: https://www.consumer.ftc.gov/articles/how-recognize-and-avoid-phishing-scams#report
Title: Go to the FTC page

Search URL Search Domain Scan URL

URL: https://about.pypl.com/home/default.aspx
Title: About

Search URL Search Domain Scan URL

URL: http://newsroom.paypal-corp.com/
Title: Newsroom

Search URL Search Domain Scan URL

URL: https://investor.paypal-corp.com/
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://about.pypl.com/values-in-action/default.aspx
Title: Values in Action

Search URL Search Domain Scan URL

URL: https://publicpolicy.paypal-corp.com/
Title: Public Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.paypal.com/us/webapps/mpp/security/suspicious-activity?v=1&utm_source=unp&utm_medium=email&utm_campaign=RT000298&utm_unptid=7322ed1a-1dab-11ed-bd1f-3cfdfef06a55&ppid=RT000298&cnac=FR&rsta=fr_FR(fr-FR)&cust=&unptid=7322ed1a-1dab-11ed-bd1f-3cfdfef06a55&calc=f13945668da26&unp_tpcid=email-standard-transaction-unilateral&page=main:email:RT000298&pgrp=main:email&e=cl&mchn=em&s=ci&mail=sys&appVersion=1.107.0&xt=104038 HTTP 301
https://www.paypal.com/us/security/learn-about-fake-messages?utm_source=unp&utm_medium=email&utm_campaign=RT000298 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

46 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request learn-about-fake-messages Show response
www.paypal.com/us/security/
Redirect Chain

https://www.paypal.com/us/webapps/mpp/security/suspicious-activity?v=1&utm_source=unp&utm_medium=email&utm_campaign=RT000298&utm_unptid=7322ed1a-1dab-11ed-bd1f-3cfdfef06a55&ppid=RT000298&cnac=FR&rs...
https://www.paypal.com/us/security/learn-about-fake-messages?utm_source=unp&utm_medium=email&utm_campaign=RT000298

142 KB
28 KB

510ms
510ms

Document
text/html

151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/us/security/learn-about-fake-messages?utm_source=unp&utm_medium=email&utm_campaign=RT000298

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

936ea9ce038efd0acead96ebe7b60cb6988906f13a0387d5626eaeae604116e9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.brighttalk.com https://.paypal.com https://.paypalobjects.com https://www.youtube-nocookie.com https://www.xoom.com https://.qualtrics.com https://.paypal-mktg.com https://6386697.fls.doubleclick.net; script-src 'nonce-Jjjaa7QSi3VxPyXFvjc0BeFVx0cwl5NmoQ2Q9/pIaRljsVKs' 'self' https://.paypal.com https://.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://nominatim.openstreetmap.org https://.paypal.com https://.paypalobjects.com https://.google-analytics.com https://.salesforce.com https://.force.com https://nexus.ensighten.com https://api.paypal-retaillocator.com https://.brighttalk.com https://.qualtrics.com https://paypal.us-4.evergage.com; style-src 'self' https://.paypal.com https://.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com https://assets-cdn.s-xoom.com data:; img-src 'self' https: data:; form-action 'self' https://.paypal.com https://.salesforce.com https://secure.opinionlab.com https://.paypal-mktg.com https://.paypal-corp.com; base-uri 'self' https://.paypal.com; object-src 'none'; frame-ancestors 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.brighttalk.com https://*.paypal.com https://*.paypalobjects.com https://www.youtube-nocookie.com https://www.xoom.com https://*.qualtrics.com https://*.paypal-mktg.com https://6386697.fls.doubleclick.net; script-src 'nonce-Jjjaa7QSi3VxPyXFvjc0BeFVx0cwl5NmoQ2Q9/pIaRljsVKs' 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://nominatim.openstreetmap.org https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com https://*.salesforce.com https://*.force.com https://nexus.ensighten.com https://api.paypal-retaillocator.com https://*.brighttalk.com https://*.qualtrics.com https://paypal.us-4.evergage.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com https://*.salesforce.com https://secure.opinionlab.com https://*.paypal-mktg.com https://*.paypal-corp.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-ancestors 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
date: Thu, 18 Aug 2022 04:59:24 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"2384e-pDUibM8nzuElBlsjJm4txz6ydaM"
paypal-debug-id: f385220b8d467
server-timing: "traceparent;desc="00-0000000000000000000f385220b8d467-554f17026a4b01f9-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f385220b8d467-44b77951d8f71da7-01
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-hhn4025-HHN
x-timer: S1660798764.429378,VS0,VE502
x-xss-protection: 1; mode=block

Redirect headers

accept-ranges: bytes
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-length: 300
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.brighttalk.com https://*.paypal.com https://*.paypalobjects.com https://www.youtube-nocookie.com https://www.xoom.com https://*.qualtrics.com https://*.paypal-mktg.com https://6386697.fls.doubleclick.net; script-src 'nonce-JkfTtGrJD32fYmV8eI2R2FI1erTr8tuE4dUl9lySPnWHyaPR' 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://nominatim.openstreetmap.org https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com https://*.salesforce.com https://*.force.com https://nexus.ensighten.com https://api.paypal-retaillocator.com https://*.brighttalk.com https://*.qualtrics.com https://paypal.us-4.evergage.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com https://*.salesforce.com https://secure.opinionlab.com https://*.paypal-mktg.com https://*.paypal-corp.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-ancestors 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
date: Thu, 18 Aug 2022 04:59:24 GMT
dc: ccg11-origin-www-1.paypal.com
location: https://www.paypal.com/us/security/learn-about-fake-messages?utm_source=unp&utm_medium=email&utm_campaign=RT000298
paypal-debug-id: f38522083f51c
server-timing: "traceparent;desc="00-0000000000000000000f38522083f51c-a8f9353f39e081d0-01"";content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f38522083f51c-f8bfe77bc06c63bd-01
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-hhn4025-HHN
x-timer: S1660798764.122300,VS0,VE299
x-xss-protection: 1; mode=block

GET
H2 200 ngrlCaptcha.min.js Show response
www.paypalobjects.com/webcaptcha/ 22 KB
7 KB 72ms
16ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/security/learn-about-fake-messages?utm_source=unp&utm_medium=email&utm_campaign=RT000298

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ae60ff45bc479531d50270d0bfda156c30a8b5bcf544dc916b04f63f13e46e1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 04:59:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
paypal-debug-id: dcaa6edc90bc4
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 6711
x-served-by: cache-sjc10066-SJC, cache-hhn4059-HHN
last-modified: Wed, 06 Apr 2022 10:20:48 GMT
x-timer: S1660798765.003504,VS0,VE0
etag: W/"624d6980-5940"
strict-transport-security: max-age=31557600
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 4105, 434556

GET
H2 200 PayPalSansSmall-Regular.woff2
www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/ 18 KB
18 KB 63ms
7ms Font
application/font-woff2 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansSmall-Regular.woff2

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/security/learn-about-fake-messages?utm_source=unp&utm_medium=email&utm_campaign=RT000298

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

af93d1d952b2dc42c029871cbbb92988835b31c86d4f0cb6a9674b1d1714a20f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
Origin: https://www.paypal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 04:59:25 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: HIT, HIT
paypal-debug-id: 00fe0e9046677
dc: ccg11-origin-www-1.paypal.com
content-length: 18320
x-served-by: cache-sjc10073-SJC, cache-hhn4050-HHN
last-modified: Tue, 23 Jan 2018 03:38:51 GMT
x-timer: S1660798765.003377,VS0,VE0
etag: "5a66ae4b-4790"
strict-transport-security: max-age=31557600
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 1, 58449

GET
H2 200 PayPalSansBig-Light.woff2
www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/ 18 KB
18 KB 64ms
8ms Font
application/font-woff2 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansBig-Light.woff2

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/security/learn-about-fake-messages?utm_source=unp&utm_medium=email&utm_campaign=RT000298

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0d4d4b0ee4bdbbbfdf2fa8cc4c0ba0332a3798c2629cb806d249712f6a7063e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
Origin: https://www.paypal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 04:59:25 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: HIT, HIT
paypal-debug-id: 8c8861f97f0a0
dc: ccg11-origin-www-1.paypal.com
content-length: 18360
x-served-by: cache-sjc10068-SJC, cache-hhn4050-HHN
last-modified: Tue, 23 Jan 2018 02:50:53 GMT
x-timer: S1660798765.003518,VS0,VE0
etag: "5a66a30d-47b8"
strict-transport-security: max-age=31557600
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 393, 54355

GET
H2 200 cf86c59bd0712aab9ae1ccd5bb864738d0e9db.css
www.paypalobjects.com/marketing-resources/css/71/ 711 KB
81 KB 63ms
7ms Stylesheet
text/css 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/marketing-resources/css/71/cf86c59bd0712aab9ae1ccd5bb864738d0e9db.css

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/security/learn-about-fake-messages?utm_source=unp&utm_medium=email&utm_campaign=RT000298

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d5c7fa9ae4101f00bf8323ecc7f90a61143f95c682da8b2ccf10c79de5873c76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 04:59:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
paypal-debug-id: 807f260197c61
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 82126
x-served-by: cache-sjc10039-SJC, cache-hhn4059-HHN
last-modified: Tue, 16 Aug 2022 17:20:08 GMT
traceparent: 00-0000000000000000000807f260197c61-caa6a03048453bcd-01
x-timer: S1660798765.002993,VS0,VE0
etag: W/"62fbd1c8-b1bbc"
strict-transport-security: max-age=31557600
content-type: text/css
via: 1.1 varnish, 1.1 varnish
cache-control: s-maxage=31536000, public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 1, 17

GET
H2 200 spot.svg
www.paypalobjects.com/marketing/web/us/en/home-merchant/ 5 KB
2 KB 25ms
23ms Image
image/svg+xml 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/marketing/web/us/en/home-merchant/spot.svg

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/security/learn-about-fake-messages?utm_source=unp&utm_medium=email&utm_campaign=RT000298

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8d0efcbe295fe47b7bec8ed85ffe1fbadff6d878691f7e5cb5c753f35136a995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 04:59:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
paypal-debug-id: ebeb670c21c94
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 2121
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-sjc10051-SJC, cache-hhn4059-HHN
last-modified: Wed, 29 Sep 2021 07:40:35 GMT
x-timer: S1660798765.013120,VS0,VE1
etag: W/"61541873-13bf"
strict-transport-security: max-age=31557600
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public,max-age=3600
accept-ranges: bytes
x-cache-hits: 9540, 1

GET
H2 200 launch-spot.svg
www.paypalobjects.com/marketing/web/us/en/home-merchant/ 1 KB
928 B 26ms
25ms Image
image/svg+xml 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/marketing/web/us/en/home-merchant/launch-spot.svg

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/security/learn-about-fake-messages?utm_source=unp&utm_medium=email&utm_campaign=RT000298

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e9cb41ae47c707079889a1916a6f1534f484432e4d709088dcb34f8f8b71eca3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 04:59:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
paypal-debug-id: 46d0b574ee1a7
dc: phx-origin-www-3.paypal.com
vary: Accept-Encoding
content-length: 749
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-sjc10058-SJC, cache-hhn4059-HHN
last-modified: Mon, 04 Oct 2021 08:51:43 GMT
x-timer: S1660798765.014101,VS0,VE0
etag: W/"615ac09f-5e6"
strict-transport-security: max-age=31557600
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public,max-age=3600
accept-ranges: bytes
x-cache-hits: 749, 22

GET
H2 200 pricing-blue.svg
www.paypalobjects.com/marketing/web/us/en/home-merchant/ 2 KB
1 KB 29ms
27ms Image
image/svg+xml 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/marketing/web/us/en/home-merchant/pricing-blue.svg

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/security/learn-about-fake-messages?utm_source=unp&utm_medium=email&utm_campaign=RT000298

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

337b34f91b622a538904b8647f810ea42e5f0a7b76af261229774bcddc16df2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 04:59:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
paypal-debug-id: fa2cd003b4f05
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 892
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-sjc10034-SJC, cache-hhn4059-HHN
last-modified: Mon, 04 Oct 2021 10:34:16 GMT
x-timer: S1660798765.014082,VS0,VE1
etag: W/"615ad8a8-8e4"
strict-transport-security: max-age=31557600
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public,max-age=3600
accept-ranges: bytes
x-cache-hits: 8451, 1

GET
H2 200 pin-blue.svg
www.paypalobjects.com/marketing/web/us/en/home-merchant/ 2 KB
1 KB 28ms
27ms Image
image/svg+xml 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/marketing/web/us/en/home-merchant/pin-blue.svg

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/security/learn-about-fake-messages?utm_source=unp&utm_medium=email&utm_campaign=RT000298

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d571e48dd85ed1670b5a326d862a103273657ce5fe2a4b1d1bb921fcbddc51ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 04:59:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
paypal-debug-id: 65f5293907760
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 999
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-sjc10046-SJC, cache-hhn4059-HHN
last-modified: Mon, 04 Oct 2021 10:34:16 GMT
x-timer: S1660798765.014073,VS0,VE1
etag: W/"615ad8a8-748"
strict-transport-security: max-age=31557600
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public,max-age=3600
accept-ranges: bytes
x-cache-hits: 8659, 1

GET
H2 200 hero-identify-fakes.png
www.paypalobjects.com/marketing/web/us/en/security-center/L3-Fakes/ 28 KB
28 KB 29ms
28ms Image
image/png 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/marketing/web/us/en/security-center/L3-Fakes/hero-identify-fakes.png

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/security/learn-about-fake-messages?utm_source=unp&utm_medium=email&utm_campaign=RT000298

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

768bb561e932addfeb5a89cba84a83e8803e59605ce6c5e269863cc2d85310f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 04:59:25 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: HIT, HIT
fastly-io-info: ifsz=28561 idim=1692x960 ifmt=png ofsz=28561 odim=1692x960 ofmt=png
paypal-debug-id: 64a2f3532b1cb
fastly-stats: io=1
dc: ccg11-origin-www-1.paypal.com
content-length: 28561
fastly-io-warning: Failed to shrink image
x-served-by: cache-sjc10065-SJC, cache-hhn4059-HHN
traceparent: 00-000000000000000000064a2f3532b1cb-ec8630bb380b0322-01
x-timer: S1660798765.014051,VS0,VE1
etag: "6DeEvf/refZlgRfAJNvN8bhHxh0+66M0blDGNDrxnUA"
strict-transport-security: max-age=31557600
content-type: image/png
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 1, 1

GET
H2 200 react-17_0_1-bundle.js Show response
www.paypalobjects.com/marketing-resources/vendors/ 132 KB
44 KB 26ms
24ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/marketing-resources/vendors/react-17_0_1-bundle.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/security/learn-about-fake-messages?utm_source=unp&utm_medium=email&utm_campaign=RT000298

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9924560b9904ab7730ef349123a92bdd7f5aec477051fbe927d951970c78a69f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 04:59:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
paypal-debug-id: a9716acb2a824
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 44545
x-served-by: cache-sjc10041-SJC, cache-hhn4059-HHN
last-modified: Mon, 22 Feb 2021 21:58:19 GMT
x-timer: S1660798765.014035,VS0,VE0
etag: W/"603428fb-20ee8"
strict-transport-security: max-age=31557600
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public,max-age=3600
accept-ranges: bytes
x-cache-hits: 1035, 7

GET
H2 200 pa.js Show response
www.paypalobjects.com/pa/js/min/ 55 KB
21 KB 55ms
17ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/js/min/pa.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/security/learn-about-fake-messages?utm_source=unp&utm_medium=email&utm_campaign=RT000298

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

328ab995b9995d6dc6a05e77f74e45a03cf6782eb9c66ab633e63699d0843b56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 04:59:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
paypal-debug-id: c321a8442ded6
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 21559
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-sjc10037-SJC, cache-hhn4059-HHN
last-modified: Mon, 15 Aug 2022 19:29:47 GMT
traceparent: 00-0000000000000000000c321a8442ded6-97739b5c1f555b0e-01
x-timer: S1660798765.003560,VS0,VE0
etag: W/"62fa9eab-dcf5"
strict-transport-security: max-age=31557600
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
x-cache-hits: 1, 42649

GET
H2 200 open-chat.js Show response
www.paypalobjects.com/helpcenter/smartchat/sales/v1/ 1 KB
1 KB 26ms
24ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/helpcenter/smartchat/sales/v1/open-chat.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/security/learn-about-fake-messages?utm_source=unp&utm_medium=email&utm_campaign=RT000298

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

15213b958a0af95e33fb82a50fc1a68ef2f171b3762662957e91ef1d834291f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 04:59:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
paypal-debug-id: 3c55c1d95fdc3
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 779
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-sjc10068-SJC, cache-hhn4059-HHN
last-modified: Sat, 13 Feb 2021 00:19:40 GMT
x-timer: S1660798765.014024,VS0,VE0
etag: W/"60271b1c-5bf"
strict-transport-security: max-age=31557600
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=3600
accept-ranges: bytes
x-cache-hits: 6422, 7

GET
H2 200 marketingIntentsV2.js Show response
www.paypalobjects.com/activation/js/ 554 B
557 B 25ms
24ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/activation/js/marketingIntentsV2.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/security/learn-about-fake-messages?utm_source=unp&utm_medium=email&utm_campaign=RT000298

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4be8b546dbb09a4b486f6efab312ee3e5c94cb12e05dbe389c20d5cf391e3da2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 04:59:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
paypal-debug-id: a8e965ab34f9e
dc: phx-origin-www-3.paypal.com
vary: Accept-Encoding
content-length: 365
x-served-by: cache-sjc10053-SJC, cache-hhn4059-HHN
last-modified: Fri, 12 Feb 2021 23:55:13 GMT
x-timer: S1660798765.014005,VS0,VE0
etag: W/"60271561-22a"
strict-transport-security: max-age=31557600
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public,max-age=3600
accept-ranges: bytes
x-cache-hits: 153, 63870

GET
H2 200 58b221149b3c2257c4826c67c0b65c2a9308a6.js Show response
www.paypalobjects.com/marketing-resources/js/97/ 1 MB
349 KB 55ms
17ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/marketing-resources/js/97/58b221149b3c2257c4826c67c0b65c2a9308a6.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/security/learn-about-fake-messages?utm_source=unp&utm_medium=email&utm_campaign=RT000298

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0b3872f04854a2bfcee97d2b37ec9f80d1fb9d6d73c2b9d4f7e567f0f984c83f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 04:59:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
paypal-debug-id: a33e08bbfa4c8
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 357061
x-served-by: cache-sjc10050-SJC, cache-hhn4059-HHN
last-modified: Tue, 16 Aug 2022 17:20:08 GMT
traceparent: 00-0000000000000000000a33e08bbfa4c8-48da0898cb88289c-01
x-timer: S1660798765.003542,VS0,VE0
etag: W/"62fbd1c8-142c48"
strict-transport-security: max-age=31557600
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: s-maxage=31536000, public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 1, 2

GET
H2 200 recaptchav3.js Show response
www.paypal.com/auth/createchallenge/76b283649621ce65/ 10 KB
6 KB 259ms
258ms Script
text/javascript 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/auth/createchallenge/76b283649621ce65/recaptchav3.js?_sessionID=uop7Xn2t6gs7PaECXqwyttiZNCXzQfYb

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/security/learn-about-fake-messages?utm_source=unp&utm_medium=email&utm_campaign=RT000298

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5b3f303697ba6c8e09f4ab732d3f0e8f908cbcd791399871b6ca2e57711234ea

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-gYbxaWudvbNckBwlPVwqGVMqTiA82w/sftShXkurF65CkEyj' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://.paypalobjects.com https://objects.paypal.cn https://.paypal.com https://.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://.qualtrics.com; style-src 'self' 'unsafe-inline' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; form-action 'self' https://.paypal.com https://.paypal.cn; base-uri 'self' https://.paypal.com https://.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/us/security/learn-about-fake-messages?utm_source=unp&utm_medium=email&utm_campaign=RT000298
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-gYbxaWudvbNckBwlPVwqGVMqTiA82w/sftShXkurF65CkEyj' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; form-action 'self' https://*.paypal.com https://*.paypal.cn; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://*.qualtrics.com;
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
paypal-debug-id: f9193123bcf29
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4025-HHN
traceparent: 00-0000000000000000000f9193123bcf29-f437d19d1ede1a19-01
x-timer: S1660798765.966658,VS0,VE251
date: Thu, 18 Aug 2022 04:59:25 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: text/javascript; charset=utf-8
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
etag: W/W/"2645-F8hn0AelBVHrIMurFzTX8zInIiA"
accept-ranges: none
x-cache-hits: 0

GET
H2 200 paypal-mark-color.svg
www.paypalobjects.com/paypal-ui/logos/svg/ 1 KB
729 B 8ms
4ms Image
image/svg+xml 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/paypal-ui/logos/svg/paypal-mark-color.svg

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/marketing-resources/css/71/cf86c59bd0712aab9ae1ccd5bb864738d0e9db.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f9035e34f5734e89ddb03b601b1c0fd58323a93f176c5c7e220d7aa7a2062ed5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypalobjects.com/marketing-resources/css/71/cf86c59bd0712aab9ae1ccd5bb864738d0e9db.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 04:59:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
paypal-debug-id: d8b748076f403
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 548
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-sjc10021-SJC, cache-hhn4059-HHN
last-modified: Wed, 15 Jun 2022 22:33:20 GMT
x-timer: S1660798765.036374,VS0,VE0
etag: W/"62aa5e30-436"
strict-transport-security: max-age=31557600
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 1218, 261373

GET
H2 200 paypal-color.svg
www.paypalobjects.com/paypal-ui/logos/svg/ 3 KB
2 KB 10ms
6ms Image
image/svg+xml 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/paypal-ui/logos/svg/paypal-color.svg

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/marketing-resources/css/71/cf86c59bd0712aab9ae1ccd5bb864738d0e9db.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7a5fa64e5479a4c203a655eaa4e878f9df6e3e070faf8e5dd9408b74b591c292

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypalobjects.com/marketing-resources/css/71/cf86c59bd0712aab9ae1ccd5bb864738d0e9db.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 04:59:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
paypal-debug-id: 762b8ab69ae97
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 1453
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-sjc10025-SJC, cache-hhn4059-HHN
last-modified: Wed, 25 May 2022 18:17:26 GMT
x-timer: S1660798765.042424,VS0,VE0
etag: W/"628e72b6-da5"
strict-transport-security: max-age=31557600
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 2051, 59029

GET
H2 200 PayPalOpen-Regular.woff2
www.paypalobjects.com/paypal-ui/fonts/ 27 KB
27 KB 11ms
7ms Font
application/font-woff2 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/paypal-ui/fonts/PayPalOpen-Regular.woff2

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/marketing-resources/css/71/cf86c59bd0712aab9ae1ccd5bb864738d0e9db.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9ae7b95f034d76b21aaf8fcc0cdd39f4ba7ba59dd9751348a32c7e5cfdfdb6df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypalobjects.com/marketing-resources/css/71/cf86c59bd0712aab9ae1ccd5bb864738d0e9db.css
Origin: https://www.paypal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 04:59:25 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: HIT, HIT
paypal-debug-id: 6ebaf6db24abf
dc: ccg11-origin-www-1.paypal.com
content-length: 27457
x-served-by: cache-sjc10033-SJC, cache-hhn4050-HHN
last-modified: Thu, 02 Jun 2022 17:26:24 GMT
x-timer: S1660798765.042813,VS0,VE0
etag: "6298f2c0-6b41"
strict-transport-security: max-age=31557600
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 471, 11142

GET
H2 200 PayPalSansBig-Regular.woff2
www.paypalobjects.com/paypal-ui/fonts/ 25 KB
25 KB 18ms
14ms Font
application/font-woff2 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Regular.woff2

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/marketing-resources/css/71/cf86c59bd0712aab9ae1ccd5bb864738d0e9db.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1f70ff447ed799a34f4c3ae37ef1f49ed4af71123ba2c2aefe354565354284be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypalobjects.com/marketing-resources/css/71/cf86c59bd0712aab9ae1ccd5bb864738d0e9db.css
Origin: https://www.paypal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 04:59:25 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: HIT, HIT
paypal-debug-id: 6c9cefc994081
dc: ccg11-origin-www-1.paypal.com
content-length: 25368
x-served-by: cache-sjc10065-SJC, cache-hhn4050-HHN
last-modified: Sat, 13 Feb 2021 00:27:06 GMT
x-timer: S1660798765.043217,VS0,VE0
etag: "60271cda-6318"
strict-transport-security: max-age=31557600
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 21178, 299939

GET
H2 200 PayPalSansBig-Medium.woff2
www.paypalobjects.com/paypal-ui/fonts/ 18 KB
18 KB 12ms
8ms Font
application/font-woff2 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Medium.woff2

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/marketing-resources/css/71/cf86c59bd0712aab9ae1ccd5bb864738d0e9db.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2ae6779c6c3579643ab6deb5cfb822e843bf637d006a4ec25d9857ec7fb6d8c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypalobjects.com/marketing-resources/css/71/cf86c59bd0712aab9ae1ccd5bb864738d0e9db.css
Origin: https://www.paypal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 04:59:25 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: HIT, HIT
paypal-debug-id: 2bf271596580
dc: ccg11-origin-www-1.paypal.com
content-length: 18508
x-served-by: cache-sjc10066-SJC, cache-hhn4050-HHN
last-modified: Sat, 13 Feb 2021 00:27:06 GMT
x-timer: S1660798765.043213,VS0,VE0
etag: "60271cda-484c"
strict-transport-security: max-age=31557600
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 17102, 283590

GET
H2 200 PayPalOpen-Bold.woff2
www.paypalobjects.com/paypal-ui/fonts/ 26 KB
26 KB 11ms
8ms Font
application/font-woff2 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/paypal-ui/fonts/PayPalOpen-Bold.woff2

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/marketing-resources/css/71/cf86c59bd0712aab9ae1ccd5bb864738d0e9db.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9ed6dcb699f10e85624a4579731f929b5d8b91f0c73b9fc01b8893021c83f4a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypalobjects.com/marketing-resources/css/71/cf86c59bd0712aab9ae1ccd5bb864738d0e9db.css
Origin: https://www.paypal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 04:59:25 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: HIT, HIT
paypal-debug-id: f25deb53cfd3a
dc: ccg11-origin-www-1.paypal.com
content-length: 26700
x-served-by: cache-sjc10063-SJC, cache-hhn4050-HHN
last-modified: Thu, 02 Jun 2022 17:26:24 GMT
traceparent: 00-0000000000000000000f25deb53cfd3a-f20c4e5cf1113c94-01
x-timer: S1660798765.043190,VS0,VE0
etag: "6298f2c0-684c"
strict-transport-security: max-age=31557600
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 7172, 23

GET
H2 200 latmconf.js Show response
www.paypalobjects.com/pa/mi/ 291 KB
34 KB 8ms
7ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/mi/latmconf.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9cadb2a9badf973121df95b6cadd9547011298dc869f05feee682482380b00cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
Origin: https://www.paypal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 04:59:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
paypal-debug-id: a3b8559b67f92
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 34478
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-sjc10038-SJC, cache-hhn4050-HHN
last-modified: Mon, 15 Aug 2022 19:29:47 GMT
traceparent: 00-0000000000000000000a3b8559b67f92-9fad9e6efdd241ea-01
x-timer: S1660798765.111026,VS0,VE0
etag: W/"62fa9eab-48a0d"
strict-transport-security: max-age=31557600
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
x-cache-hits: 1, 41299

GET
H2 200 eligibility Show response
www.paypal.com/smartchat/open/ 1 KB
2 KB 193ms
193ms XHR
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/smartchat/open/eligibility?intent=SALESCHAT&page=/us/security/learn-about-fake-messages

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

60b966049de8ac6ac3946f66ff7237305021794b8dc400b49899dfeb90579209

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com https://.paypal.cn; script-src 'nonce-Abm29RmqUXL/XHpVTAqkrurdfQJ2o/18DKbNN3i5sp3xt7N4' 'self' https://.paypal.com https://.paypalobjects.com https://.paypal.cn 'unsafe-inline' ; style-src 'self' https://.paypal.com https://.paypalobjects.com https://.paypal.cn 'unsafe-inline' ; img-src 'self' https: data:; object-src 'none'; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.paypal.cn 'unsafe-inline' https://.kampyle.com https://.qualtrics.com; font-src 'self' https://.paypal.com https://.paypalobjects.com https://.paypal.cn data:; base-uri 'self' https://.paypal.com; form-action 'self' https://.paypal.com; frame-ancestors 'self' https://help.venmo.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.paypal.cn https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/us/security/learn-about-fake-messages?utm_source=unp&utm_medium=email&utm_campaign=RT000298
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn; script-src 'nonce-Abm29RmqUXL/XHpVTAqkrurdfQJ2o/18DKbNN3i5sp3xt7N4' 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn 'unsafe-inline' ; img-src 'self' https: data:; object-src 'none'; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn 'unsafe-inline' https://*.kampyle.com https://*.qualtrics.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn data:; base-uri 'self' https://*.paypal.com; form-action 'self' https://*.paypal.com; frame-ancestors 'self' https://help.venmo.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn https://*.qualtrics.com;
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
paypal-debug-id: f9193127ab19d
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4025-HHN
traceparent: 00-0000000000000000000f9193127ab19d-ffaf0832158494da-01
x-timer: S1660798765.115610,VS0,VE186
date: Thu, 18 Aug 2022 04:59:25 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json; charset=utf-8
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
etag: W/W/"562-DD7wZPFNaht/owPBnFXSpVYN0/4"
accept-ranges: none
x-cache-hits: 0

GET
H2 200 OrchestratorMain.js Show response
www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/ 7 KB
4 KB 7ms
7ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/OrchestratorMain.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8b43508aba121c079651841e31c71adc6ddecca7cfbb0ee310498bf415d907b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
Origin: https://www.paypal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 04:59:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
paypal-debug-id: b078ca8ac714d
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 3329
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-sjc10074-SJC, cache-hhn4050-HHN
last-modified: Tue, 11 Jan 2022 00:19:32 GMT
x-timer: S1660798765.174058,VS0,VE0
etag: W/"61dccd14-1d47"
strict-transport-security: max-age=31557600
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
x-cache-hits: 16199, 278705

GET
H2 200 12.2e4d3453d92fa382c1f6.chunk.js Show response
www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/ 56 KB
16 KB 7ms
7ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/12.2e4d3453d92fa382c1f6.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/OrchestratorMain.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9678dd86513c236593527c9b89e5a95d64621c8b7dbe5f27638ab6c5c858a106

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 04:59:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
paypal-debug-id: bbade2e971170
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 16285
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-sjc10033-SJC, cache-hhn4059-HHN
last-modified: Tue, 11 Jan 2022 00:19:32 GMT
x-timer: S1660798765.183500,VS0,VE0
etag: W/"61dccd14-e017"
strict-transport-security: max-age=31557600
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
x-cache-hits: 1, 396011

POST
H2 200 Targeting.php Show response
zn1ynnliufrct75cb-paypalxm.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 112 KB
9 KB 346ms
270ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zn1ynnliufrct75cb-paypalxm.siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_1yNnlIufRcT75CB&Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d613a147d5bde5aeeca2e5bb74658d07ce574f608d9a39f1275920606054006e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 18 Aug 2022 04:59:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.paypal.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: af8faf0071f14f8c
cf-ray: 73c8147af9b49122-FRA

GET
H2 200 grcenterprise_v3.html Show response
www.paypal.com/auth/recaptcha/ Frame FFCC 4 KB
2 KB 165ms
165ms Document
text/html 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/auth/recaptcha/grcenterprise_v3.html

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/auth/createchallenge/76b283649621ce65/recaptchav3.js?_sessionID=uop7Xn2t6gs7PaECXqwyttiZNCXzQfYb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

77437fbd507929b6d1a1bb320582dcfd80c0de3e964ecfe2b7d072aba28aaa78

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.paypal.com/us/security/learn-about-fake-messages?utm_source=unp&utm_medium=email&utm_campaign=RT000298
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: none
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 18 Aug 2022 04:59:25 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/W/"fb3-18287f9fa78"
last-modified: Wed, 10 Aug 2022 13:38:03 GMT
paypal-debug-id: f919312d7fa77
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f919312d7fa77-e6ca950a0ca7af0f-01
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hhn4025-HHN
x-timer: S1660798765.233602,VS0,VE158

GET
H2 200 ts
t.paypal.com/ 42 B
819 B 228ms
182ms Image
image/gif 151.101.65.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?v=1.6.9&t=1660798765232&g=0&pgrp=main%3Aprivacy%3Apolicy&page=main%3Aprivacy%3Apolicy%3Accpa&pgst=Unknown&calc=f385220b8d467&nsid=uop7Xn2t6gs7PaECXqwyttiZNCXzQfYb&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=US&csci=da129f970ce140e4949b6d1daef547df&comp=mppnodeweb&tsrce=mppnodeweb&cu=0&ef_policy=ccpa&xe=105410%2C105409%2C104759%2C104406%2C104407&xt=123956%2C123954%2C120840%2C119037%2C119038&pgld=Unknown&bzsr=main&bchn=mktg&pgsf=both&lgin=out&page_type=contentful&shir=main_mktg_both_security&pros=3&lgcook=0&utm_source=unp&utm_medium=email&utm_campaign=RT000298&event_props=cu%2Clgin%2Cpage%2Cxe%2Cxt&user_props=cu%2Cxe%2Cxt%2Cutm_source%2Cutm_medium%2Cutm_campaign&page_segment=ppcom&displaypage=main%3Amktg%3Aboth%3Asecurity%3Asecurity-learn-about-fake-messages&ppage=privacy_banner&bannertype=cookiebanner&flag=ccpa&bannerversion=v3a&bannersource=ConsentNodeServ&eligibility_reason=false&is_native=false&cookie_disabled=false&e=ac

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/security/learn-about-fake-messages?utm_source=unp&utm_medium=email&utm_campaign=RT000298

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/us/security/learn-about-fake-messages?utm_source=unp&utm_medium=email&utm_campaign=RT000298
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 04:59:25 GMT
via: 1.1 varnish
x-cache: MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: f2bc0ecba9170
x-cache-hits: 0
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
content-length: 42
x-served-by: cache-hhn4022-HHN
pragma: no-cache
traceparent: 00-0000000000000000000f2bc0ecba9170-775edc2ebc78a72b-01
x-timer: S1660798765.282635,VS0,VE175
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Aug 2022 04:59:25 GMT

GET
H2 200 enterprise.js Show response
www.recaptcha.net/recaptcha/ Frame FFCC 977 B
1 KB 143ms
46ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/enterprise.js?render=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&hl=en

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/auth/recaptcha/grcenterprise_v3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5df12374dac40067845218936d702e8bbaae89ec8e1e427516429855d2fd6b42

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 04:59:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 617
x-xss-protection: 1; mode=block
expires: Thu, 18 Aug 2022 04:59:25 GMT

GET
H2 200 CoreModule.js Show response
www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/ 100 KB
30 KB 7ms
7ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/CoreModule.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/12.2e4d3453d92fa382c1f6.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ba4691262fbf1abd2bd988530282374fbe5517357d414d61cba2b6739374d565

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 04:59:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
paypal-debug-id: 1e81c0acf248c
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 30223
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-sjc10041-SJC, cache-hhn4059-HHN
last-modified: Tue, 11 Jan 2022 00:19:32 GMT
x-timer: S1660798766.568670,VS0,VE0
etag: W/"61dccd14-190b6"
strict-transport-security: max-age=31557600
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=3600
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
x-cache-hits: 3740, 14

GET
H2 200 how-to-spot-phishing.png
www.paypalobjects.com/marketing/web/us/en/security-center/L3-Fakes/ 31 KB
31 KB 8ms
7ms Image
image/png 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/marketing/web/us/en/security-center/L3-Fakes/how-to-spot-phishing.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9418567eb3e2c0988ed9adc91db2d16eebf5a44b307af1396b672aa1c9b73c72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 04:59:25 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: HIT, HIT
fastly-io-info: ifsz=31858 idim=1692x1200 ifmt=png ofsz=31858 odim=1692x1200 ofmt=png
paypal-debug-id: a7841f99b6c6
fastly-stats: io=1
dc: ccg11-origin-www-1.paypal.com
content-length: 31858
fastly-io-warning: Failed to shrink image
x-served-by: cache-sjc10020-SJC, cache-hhn4059-HHN
x-timer: S1660798766.572213,VS0,VE1
etag: "6eis55wlaHJY/1qC2dLEQU+fNInLWc2wZWyXX1hi/ng"
strict-transport-security: max-age=31557600
content-type: image/png
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 1, 1

GET
H2 200 how-to-generic-greetings.png
www.paypalobjects.com/marketing/web/us/en/security-center/L3-Fakes/ 1 KB
1 KB 8ms
8ms Image
image/png 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/marketing/web/us/en/security-center/L3-Fakes/how-to-generic-greetings.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4e68ef53de417c49bb10bbe071a6d1a592c96ed82fc6a4ee25c792959ea71f63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 04:59:25 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: HIT, HIT
fastly-io-info: ifsz=1069 idim=300x300 ifmt=png ofsz=1069 odim=300x300 ofmt=png
paypal-debug-id: 580e9bdb1ba8c
fastly-stats: io=1
dc: ccg11-origin-www-1.paypal.com
content-length: 1069
fastly-io-warning: Failed to shrink image
x-served-by: cache-sjc10052-SJC, cache-hhn4059-HHN
traceparent: 00-0000000000000000000580e9bdb1ba8c-a7ad65d7c63d9cde-01
x-timer: S1660798766.572473,VS0,VE1
etag: "qxqy/1ErYAOan4vJ4p7lgPLfZ8FR+9dN0nfk/PBbH84"
strict-transport-security: max-age=31557600
content-type: image/png
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 1, 1

GET
H2 200 how-to-attachments.png
www.paypalobjects.com/marketing/web/us/en/security-center/L3-Fakes/ 3 KB
3 KB 9ms
8ms Image
image/png 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/marketing/web/us/en/security-center/L3-Fakes/how-to-attachments.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8912c03da9e44b96617d57d8853c593f970af9dbf9442a55b8d97fdef86fc4f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 04:59:25 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: HIT, HIT
fastly-io-info: ifsz=2888 idim=300x300 ifmt=png ofsz=2888 odim=300x300 ofmt=png
paypal-debug-id: 851c0f60c35b8
fastly-stats: io=1
dc: ccg11-origin-www-1.paypal.com
content-length: 2888
fastly-io-warning: Failed to shrink image
x-served-by: cache-sjc10065-SJC, cache-hhn4059-HHN
x-timer: S1660798766.572460,VS0,VE1
etag: "UYZAJY8V+9JfuuMB2YzeStZMzf6EKYjD9wWV9sQ7vfU"
strict-transport-security: max-age=31557600
content-type: image/png
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 1, 1

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/ Frame FFCC 383 KB
153 KB 118ms
37ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/recaptcha__en.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise.js?render=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&hl=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18b6abb488a83b046ecfa92e27ba686e01070ea96863b66f8b604c0bf3954b95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paypal.com/
Origin: https://www.paypal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 17:01:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43053
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 155978
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 08:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 17 Aug 2023 17:01:52 GMT

GET
H2 200 4.bee7caf079144a7b9980.chunk.js Show response
www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/ 2 KB
2 KB 7ms
7ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/4.bee7caf079144a7b9980.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/OrchestratorMain.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ea680c36b1e632fc0a96cd21231f1d9e17db700b8b68729328c5b8972e2d3622

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 04:59:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
paypal-debug-id: 58b0bcb6e53fb
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 1231
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-sjc10030-SJC, cache-hhn4059-HHN
last-modified: Tue, 11 Jan 2022 00:19:32 GMT
x-timer: S1660798766.604458,VS0,VE0
etag: W/"61dccd14-9ed"
strict-transport-security: max-age=31557600
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
x-cache-hits: 10100, 340279

GET
H2 200 1.1303dc17a61da0f506d3.chunk.js Show response
www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/ 29 KB
7 KB 8ms
7ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/1.1303dc17a61da0f506d3.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/OrchestratorMain.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e7d287b90b3a071aed8c9860f22cff01bcb34fcfc45bd90319bac450226d1e6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 04:59:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
paypal-debug-id: 42982a9762bbf
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 6602
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-sjc10026-SJC, cache-hhn4059-HHN
last-modified: Tue, 11 Jan 2022 00:19:32 GMT
x-timer: S1660798766.604626,VS0,VE0
etag: W/"61dccd14-7257"
strict-transport-security: max-age=31557600
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
x-cache-hits: 3065, 340024

GET
H2 200 17.0e47ac923c1fa85e46cf.chunk.js Show response
www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/ 19 KB
8 KB 8ms
8ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/17.0e47ac923c1fa85e46cf.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/OrchestratorMain.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b3a8d966d249beda7f50ac3c2bfbb549109d5aee49c948aaba10cffade528715

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 04:59:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
paypal-debug-id: 4c85a99c2905d
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 7762
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-sjc10024-SJC, cache-hhn4059-HHN
last-modified: Tue, 11 Jan 2022 00:19:32 GMT
x-timer: S1660798766.604763,VS0,VE0
etag: W/"61dccd14-4a99"
strict-transport-security: max-age=31557600
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=3600
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
x-cache-hits: 19219, 3

GET
H2 200 anchor Show response
www.recaptcha.net/recaptcha/enterprise/ Frame 6321 43 KB
23 KB 54ms
54ms Document
text/html 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsLmNvbTo0NDM.&hl=en&v=mq0-U1BHZ5YTcoDC-CvsLPNc&size=invisible&cb=22q2to9vn87s

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

42e4a9f2ae2087fbff812d9a96990a0be1b2a3ded20362c2738724c54807d1e7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ECagJsOfvfnxDEpIjm4Kbg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 23149
content-security-policy: script-src 'report-sample' 'nonce-ECagJsOfvfnxDEpIjm4Kbg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 18 Aug 2022 04:59:25 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/ Frame 6321 52 KB
24 KB 110ms
37ms Stylesheet
text/css 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/styles__ltr.css

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsLmNvbTo0NDM.&hl=en&v=mq0-U1BHZ5YTcoDC-CvsLPNc&size=invisible&cb=22q2to9vn87s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 15:01:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50250
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24251
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 08:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 17 Aug 2023 15:01:55 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/ Frame 6321 383 KB
152 KB 109ms
36ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18b6abb488a83b046ecfa92e27ba686e01070ea96863b66f8b604c0bf3954b95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 17:01:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43053
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 155978
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 08:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 17 Aug 2023 17:01:52 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
513 B 183ms
182ms Image
image/gif 151.101.65.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?v=1.6.9&t=1660798766018&g=0&pgrp=main%3Amktg%3Aboth%3Asecurity%3Asecurity-learn-about-fake-messages&page=main%3Amktg%3Aboth%3Asecurity%3Asecurity-learn-about-fake-messages%3A%3A%3A&pgst=Unknown&calc=f385220b8d467&nsid=uop7Xn2t6gs7PaECXqwyttiZNCXzQfYb&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=us&csci=da129f970ce140e4949b6d1daef547df&comp=mppnodeweb&tsrce=mppnodeweb&cu=0&ef_policy=ccpa&xe=105841%2C104449&xt=126370%2C119299&pgld=Unknown&bzsr=main&bchn=mktg&pgsf=both&lgin=out&page_type=contentful&shir=main_mktg_both_security&pros=3&lgcook=0&utm_source=unp&utm_medium=email&utm_campaign=RT000298&event_props=cu%2Clgin%2Cpage%2Cxe%2Cxt&user_props=cu%2Cxe%2Cxt%2Cutm_source%2Cutm_medium%2Cutm_campaign&page_segment=ppcom&event_name=ppcom_page_viewed&e=im&imsrc=setup&view=%7B%22t10%22%3A1%2C%22t11%22%3A1759%2C%22tcp%22%3A1060%2C%22et%22%3A%224g%22%2C%22nt%22%3A%22navigate%22%2C%22bt%22%3A327%7D&pt=How%20to%20Detect%20Phishing%20Scams%20%7C%20PayPal%20US&cd=24&sw=1600&sh=1200&dw=1600&dh=1200&bw=1600&bh=1200&ce=1&t1=1&t1c=0&t1d=0&t1s=0&t2=510&t3=3&t4d=0&t4=0&t4e=2&tt=1431&rdc=1&protocol=h2&res=%7B%7D&rtt=229

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/us/security/learn-about-fake-messages?utm_source=unp&utm_medium=email&utm_campaign=RT000298
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 04:59:26 GMT
via: 1.1 varnish
x-cache: MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: fb5a17129a7a4
x-cache-hits: 0
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
content-length: 42
x-served-by: cache-hhn4022-HHN
pragma: no-cache
traceparent: 00-0000000000000000000fb5a17129a7a4-9bd05ed8da3a450a-01
x-timer: S1660798766.023361,VS0,VE176
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Aug 2022 04:59:26 GMT

GET
H3 200 webworker.js
www.recaptcha.net/recaptcha/enterprise/ Frame 6321 102 B
134 B 45ms
45ms Other
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/enterprise/webworker.js?hl=en&v=mq0-U1BHZ5YTcoDC-CvsLPNc

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1c52b5b8eb0a18d62cf486c7d591517c90cc4c4dd5e21de5c298da51a0fd7dbd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsLmNvbTo0NDM.&hl=en&v=mq0-U1BHZ5YTcoDC-CvsLPNc&size=invisible&cb=22q2to9vn87s
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 04:59:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Thu, 18 Aug 2022 04:59:26 GMT

POST
H3 200 reload Show response
www.recaptcha.net/recaptcha/enterprise/ Frame 6321 32 KB
19 KB 73ms
73ms XHR
application/json 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/enterprise/reload?k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a132bb3d9adff85bbc65180e6dd85ac08a801f2b8cfbb33f7534607aef290209

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsLmNvbTo0NDM.&hl=en&v=mq0-U1BHZ5YTcoDC-CvsLPNc&size=invisible&cb=22q2to9vn87s
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Thu, 18 Aug 2022 04:59:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19004
x-xss-protection: 1; mode=block
expires: Thu, 18 Aug 2022 04:59:26 GMT

POST
H2 200 verifygrcenterprise Show response
www.paypal.com/auth/ 0
2 KB 284ms
283ms XHR
text/plain 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/auth/verifygrcenterprise

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-aJNhqtU5OzrV6XOjcjc5p2eCQoyYM/gDOrK92T3X58OZVv6i' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://.paypalobjects.com https://objects.paypal.cn https://.paypal.com https://.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://.qualtrics.com; style-src 'self' 'unsafe-inline' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; form-action 'self' https://.paypal.com https://.paypal.cn; base-uri 'self' https://.paypal.com https://.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/us/security/learn-about-fake-messages?utm_source=unp&utm_medium=email&utm_campaign=RT000298
x-requested-with: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-aJNhqtU5OzrV6XOjcjc5p2eCQoyYM/gDOrK92T3X58OZVv6i' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; form-action 'self' https://*.paypal.com https://*.paypal.cn; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://*.qualtrics.com;
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
paypal-debug-id: f986656bf4992
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 0
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4025-HHN
traceparent: 00-0000000000000000000f986656bf4992-6780ea058f9c000a-01
x-timer: S1660798766.366379,VS0,VE277
date: Thu, 18 Aug 2022 04:59:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 ts
t.paypal.com/ 42 B
515 B 168ms
168ms Image
image/gif 151.101.65.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?v=1.6.9&t=1660798767018&g=0&pgrp=main%3Amktg%3Aboth%3Asecurity%3Asecurity-learn-about-fake-messages&page=main%3Amktg%3Aboth%3Asecurity%3Asecurity-learn-about-fake-messages%3A%3A%3A&pgst=Unknown&calc=f385220b8d467&nsid=uop7Xn2t6gs7PaECXqwyttiZNCXzQfYb&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=us&csci=da129f970ce140e4949b6d1daef547df&comp=mppnodeweb&tsrce=mppnodeweb&cu=0&ef_policy=ccpa&xe=105841%2C104449&xt=126370%2C119299&pgld=Unknown&bzsr=main&bchn=mktg&pgsf=both&lgin=out&page_type=contentful&shir=main_mktg_both_security&pros=3&lgcook=0&utm_source=unp&utm_medium=email&utm_campaign=RT000298&event_props=cu%2Clgin%2Cpage%2Cxe%2Cxt&user_props=cu%2Cxe%2Cxt%2Cutm_source%2Cutm_medium%2Cutm_campaign&page_segment=ppcom&event_name=t_paypal_cpl&t1=1&t1c=0&t1d=0&t1s=0&t2=183&t3=1&tt=184&protocol=h2&cdn=fastly&tmpl=%2F%2Ft.paypal.&view=%7B%22t10%22%3A1%2C%22t11%22%3A184%2C%22nt%22%3A%22res%22%7D&e=pf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/us/security/learn-about-fake-messages?utm_source=unp&utm_medium=email&utm_campaign=RT000298
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 04:59:27 GMT
via: 1.1 varnish
x-cache: MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: fdf9fa2b13576
x-cache-hits: 0
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
content-length: 42
x-served-by: cache-hhn4022-HHN
pragma: no-cache
traceparent: 00-0000000000000000000fdf9fa2b13576-931987222114d906-01
x-timer: S1660798767.023324,VS0,VE161
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Aug 2022 04:59:27 GMT

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.recaptcha.net/recaptcha	1970-01-20 09:39:10	Name: _GRECAPTCHA Value: 09AMjm62Waitg3e1q2Yz0ws0I0WWW_Sg90LVwta0A0XC0H93NeYwSa5WdHjXxKmvBbLkypum1EOvotdE-6MYtslHs
.paypal.com/	1970-01-20 05:20:30	Name: LANG Value: en_US%3BUS
.paypal.com/	1970-01-20 14:05:34	Name: enforce_policy Value: ccpa
www.paypal.com/	1969-12-31 23:59:59	Name: nsid Value: s%3Auop7Xn2t6gs7PaECXqwyttiZNCXzQfYb.ktjrYP7kNA6i0IPssIV6h1hzLkCslf0CXb6P1V5TtI8
.paypal.com/	1970-01-20 14:55:58	Name: ts_c Value: vr%3Daf5204ad1820a1d4f50f54e7ff9853d9%26vt%3Daf5204ad1820a1d4f50f54e7ff9853d8
.paypal.com/	1970-01-20 14:55:58	Name: cookie_check Value: yes
.paypal.com/	1970-01-20 05:20:00	Name: l7_az Value: dcg02.phx
.paypal.com/	1969-12-31 23:59:59	Name: x-pp-s Value: eyJ0IjoiMTY2MDc5ODc2NjU2MiIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/	1970-01-20 05:24:17	Name: tsrce Value: authchallengenodeweb
.paypal.com/	1970-01-20 14:55:58	Name: ts Value: vreXpYrS%3D1755493167%26vteXpYrS%3D1660800567%26vr%3Daf5204ad1820a1d4f50f54e7ff9853d9%26vt%3Daf5204ad1820a1d4f50f54e7ff9853d8%26vtyp%3Dnew

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.brighttalk.com https://.paypal.com https://.paypalobjects.com https://www.youtube-nocookie.com https://www.xoom.com https://.qualtrics.com https://.paypal-mktg.com https://6386697.fls.doubleclick.net; script-src 'nonce-Jjjaa7QSi3VxPyXFvjc0BeFVx0cwl5NmoQ2Q9/pIaRljsVKs' 'self' https://.paypal.com https://.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://nominatim.openstreetmap.org https://.paypal.com https://.paypalobjects.com https://.google-analytics.com https://.salesforce.com https://.force.com https://nexus.ensighten.com https://api.paypal-retaillocator.com https://.brighttalk.com https://.qualtrics.com https://paypal.us-4.evergage.com; style-src 'self' https://.paypal.com https://.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com https://assets-cdn.s-xoom.com data:; img-src 'self' https: data:; form-action 'self' https://.paypal.com https://.salesforce.com https://secure.opinionlab.com https://.paypal-mktg.com https://.paypal-corp.com; base-uri 'self' https://.paypal.com; object-src 'none'; frame-ancestors 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

t.paypal.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
www.recaptcha.net
zn1ynnliufrct75cb-paypalxm.siteintercept.qualtrics.com
104.17.209.240
151.101.130.133
151.101.65.21
151.101.65.35
2a00:1450:4001:80b::2003
2a00:1450:4001:827::2003
0b3872f04854a2bfcee97d2b37ec9f80d1fb9d6d73c2b9d4f7e567f0f984c83f
0d4d4b0ee4bdbbbfdf2fa8cc4c0ba0332a3798c2629cb806d249712f6a7063e3
15213b958a0af95e33fb82a50fc1a68ef2f171b3762662957e91ef1d834291f8
18b6abb488a83b046ecfa92e27ba686e01070ea96863b66f8b604c0bf3954b95
1c52b5b8eb0a18d62cf486c7d591517c90cc4c4dd5e21de5c298da51a0fd7dbd
1f70ff447ed799a34f4c3ae37ef1f49ed4af71123ba2c2aefe354565354284be
2ae6779c6c3579643ab6deb5cfb822e843bf637d006a4ec25d9857ec7fb6d8c1
328ab995b9995d6dc6a05e77f74e45a03cf6782eb9c66ab633e63699d0843b56
337b34f91b622a538904b8647f810ea42e5f0a7b76af261229774bcddc16df2e
42e4a9f2ae2087fbff812d9a96990a0be1b2a3ded20362c2738724c54807d1e7
4be8b546dbb09a4b486f6efab312ee3e5c94cb12e05dbe389c20d5cf391e3da2
4e68ef53de417c49bb10bbe071a6d1a592c96ed82fc6a4ee25c792959ea71f63
5b3f303697ba6c8e09f4ab732d3f0e8f908cbcd791399871b6ca2e57711234ea
5df12374dac40067845218936d702e8bbaae89ec8e1e427516429855d2fd6b42
60b966049de8ac6ac3946f66ff7237305021794b8dc400b49899dfeb90579209
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
768bb561e932addfeb5a89cba84a83e8803e59605ce6c5e269863cc2d85310f2
77437fbd507929b6d1a1bb320582dcfd80c0de3e964ecfe2b7d072aba28aaa78
7a5fa64e5479a4c203a655eaa4e878f9df6e3e070faf8e5dd9408b74b591c292
8912c03da9e44b96617d57d8853c593f970af9dbf9442a55b8d97fdef86fc4f6
8b43508aba121c079651841e31c71adc6ddecca7cfbb0ee310498bf415d907b8
8d0efcbe295fe47b7bec8ed85ffe1fbadff6d878691f7e5cb5c753f35136a995
936ea9ce038efd0acead96ebe7b60cb6988906f13a0387d5626eaeae604116e9
9418567eb3e2c0988ed9adc91db2d16eebf5a44b307af1396b672aa1c9b73c72
9678dd86513c236593527c9b89e5a95d64621c8b7dbe5f27638ab6c5c858a106
9924560b9904ab7730ef349123a92bdd7f5aec477051fbe927d951970c78a69f
9ae7b95f034d76b21aaf8fcc0cdd39f4ba7ba59dd9751348a32c7e5cfdfdb6df
9cadb2a9badf973121df95b6cadd9547011298dc869f05feee682482380b00cd
9ed6dcb699f10e85624a4579731f929b5d8b91f0c73b9fc01b8893021c83f4a0
a132bb3d9adff85bbc65180e6dd85ac08a801f2b8cfbb33f7534607aef290209
ae60ff45bc479531d50270d0bfda156c30a8b5bcf544dc916b04f63f13e46e1e
af93d1d952b2dc42c029871cbbb92988835b31c86d4f0cb6a9674b1d1714a20f
b3a8d966d249beda7f50ac3c2bfbb549109d5aee49c948aaba10cffade528715
ba4691262fbf1abd2bd988530282374fbe5517357d414d61cba2b6739374d565
caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10
d571e48dd85ed1670b5a326d862a103273657ce5fe2a4b1d1bb921fcbddc51ee
d5c7fa9ae4101f00bf8323ecc7f90a61143f95c682da8b2ccf10c79de5873c76
d613a147d5bde5aeeca2e5bb74658d07ce574f608d9a39f1275920606054006e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7d287b90b3a071aed8c9860f22cff01bcb34fcfc45bd90319bac450226d1e6d
e9cb41ae47c707079889a1916a6f1534f484432e4d709088dcb34f8f8b71eca3
ea680c36b1e632fc0a96cd21231f1d9e17db700b8b68729328c5b8972e2d3622
f9035e34f5734e89ddb03b601b1c0fd58323a93f176c5c7e220d7aa7a2062ed5

www.paypal.com Open in urlscan Pro 151.101.65.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

46 Requests

100 %HTTPS

33 %IPv6

5 Domains

6 Subdomains

6 IPs

3 Countries

1231 kBTransfer

4090 kBSize

10 Cookies

7 Outgoing links

Page URL History

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.paypal.com Open in urlscan Pro
151.101.65.21 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

100 %
HTTPS

33 %
IPv6

5
Domains

6
Subdomains

6
IPs

3
Countries

1231 kB
Transfer

4090 kB
Size

10
Cookies

46 HTTP transactions
0 data transactions